Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker Secret Support #411

Open
beny2000 opened this issue Jan 15, 2025 · 6 comments
Open

Docker Secret Support #411

beny2000 opened this issue Jan 15, 2025 · 6 comments
Labels
enhancement New feature or request

Comments

@beny2000
Copy link

Hi, love the project. It's the most straightforward approach to monitoring I've come across. I was wondering if there is (or will be) Docker secret support for environment variables. I'd like to be able to specify the agent key in a Docker secret and pass the file path as the environment variable, as is common with other services.

For example, being able to do something like this would be great

beszel-agent:
  image: henrygd/beszel-agent
  network_mode: host
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro
  environment:
    PORT: 45879
    KEY_FILE: /run/secrets/beszel_agent_key
  secrets:
     - beszel_agent_key

Thanks
@beny2000
Copy link
Author

Added support for this in #412

@henrygd henrygd added the enhancement New feature or request label Jan 15, 2025
@henrygd
Copy link
Owner

henrygd commented Jan 15, 2025

Thanks, I'll check it out tomorrow.

@arunoruto
Copy link

The KEY_FILE support will make it easier to support a nix service module in the future!

@arunoruto arunoruto mentioned this issue Feb 6, 2025
Closed
13 tasks
@jo-chemla
Copy link

jo-chemla commented Feb 24, 2025
edited
Loading

Would be great to have this feature added to the docs, as well as inform on how to use it without docker-secrets.

I tried multiple variations (via portainer) of the following, before realizing the PR was merged after the latest release of jan 6. Then I tried using a beta container-image image: ghcr.io/henrygd/beszel-agent, but it seems that these are not public, which is probably intentional: Failed to deploy a stack: compose up operation failed: Error response from daemon: Head "https://ghcr.io/v2/henrygd/beszel-agent/manifests/latest": denied.

    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /host-path/beszel/beszel-key-file.txt:/beszel/beszel-key-file.txt
    environment:
      # KEY: "ssh-ed123456 random" 
      # KEY_FILE: /host-path/beszel/beszel-key-file.txt
      KEY_FILE: /beszel/beszel-key-file.txt

EDIT:
I tried multiple other things, but beszel-agent lacks several commands like export, echo etc, so I could not edit container entrypoint or post_start commands.

    entrypoint: export KEY="ssh-ed12345 random" && /agent
    post_start:
      - command: echo "test" && KEY=$(cat /beszel/beszel-key-file.txt) && echo "$KEY" && echo "end"

Portainer does not accept within stack an env_file variable described by a relative-path, it has to be an absolute path from a volume that has been mounted to the portainer container itself. So I finally succeeded in defining KEY via environment file, by exposing the directory where the .env is located to portainer container, and assigning that as an env_file for the beszel-agent container.

@henrygd
Copy link
Owner

henrygd commented Feb 24, 2025

Sorry about that. The next release has been a bit delayed but I hope to have it wrapped up in the next few days.

@jo-chemla
Copy link

No worries and no need to rush, it's open-source!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@henrygd @jo-chemla @arunoruto @beny2000